<?php
session_start();
if(!isset($_SESSION['name'])||empty ( $_SESSION['name'])){
     header('Location: login.php');
}
include '../../functions.php';
include 'connect.php';
if(isset ($_POST['upload']))
{
    $filename= clear($_POST['filename']);
    if(strlen($filename)<2)
    {
        echo "the fileName is very small<br>";
    }
    else
    {
        if(isset($_FILES['file']))
        {
            $code=getCode();
            $upload=uploadPhoto('file',6, "mmm",$code);
            if($upload)
            {
                //inset into database
                mysql_query("insert into `files` set `filename`='$filename',`code`='$code',`user_id`='$_SESSION[id])',`uploadDate`=NOW()")
                or die (mysql_error());
                echo "uploaad succeful<br>";

            }
            else
                echo "erooooooooooooooooooooooooooooor<br>";
        }
    }
}
?>
<form method="post" enctype="multipart/form-data" action="upload.php">
    <input type="text" name="filename" />
    <input type="file" name="file" />
    <input type="submit" value="upload" name="upload" />
</form>
<br>
<a href="view.php">go to Files</a>